Lab 16: Manage Local Groups
Objective Focus
- Manage users and groups
- Create, delete, and modify local groups and group memberships
Official RHCSA EX200 Exam Objectives
We are going to look at some files that are related to groups, but first let's define groups in Linux. In Linux, groups are just another way to manage users and access. Groups also allow users to collaborate by giving them access to the same directories and files.
Groups come in two flavors: primary and secondary.
/etc/group
This file contains information similar to the /etc/passwd file.
$ man 5 group
- The man page for this file contains descriptions of each field. I am not going to show them here because you have to practice seeking information within the system itself.
/etc/gshadow
Right from the man page, /etc/gshadow contains the shadowed information for group accounts.
$ man 5 gshadow
- As an exercise, cat the file and look at the man page to understand the output.
Group related commands
$ groupadd
- This command also references /etc/login.defs
- This is how we create a group
$ groupmod
- This command modifies an existing group; it works similarly to usermod and groupadd
$ groupdel
- This command deletes the specified group from the system.
$ usermod -aG group username
- This is how we add a user to a group
- The -a option means append, and the -G option adds the listed groups as supplementary groups
More about permissions
setgid Bit
The setgid bit is similar to the setuid bit, but at the group level. On a file, the permission lets us execute a command or script with the privileges of the file's group. On a directory, when the setgid bit is set, any files or sub-directories created within it automatically have the parent directory's group ownership applied.
$ chmod g+s filename/dir
sticky bit
The sticky bit is set on directories to stop normal users from deleting other normal users' files. When it is set, only the owner of a file or root can delete or modify that file. It is applied to the “public” or “other” permission bit.
$ chmod o+t directory_name
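The setgid and sticky bits combined on one collaboration directory, with a check that new entries really inherit the group. This is an added example, not part of the original lab. It assumes GNU stat, the function names and the temporary path are made up for illustration, and it skips groupadd and chgrp because those need root.

```shell
#!/bin/sh
# Added example: build a shared directory and verify its special bits.
# Function names and the demo path are constructed for illustration.

# rwx for owner and group, nothing for others, plus:
#   g+s  new files and sub-directories take the directory's group
#   +t   sticky bit (the same bit the lab sets with o+t)
make_shared_dir() {
    mkdir -p "$1" &&
    chmod 770 "$1" &&
    chmod g+s "$1" &&
    chmod +t "$1"
}

# Octal mode including the special-bit digit, e.g. 3770 (GNU stat).
dir_mode() { stat -c '%a' "$1"; }

# Numeric group id that owns a path.
path_gid() { stat -c '%g' "$1"; }

# Create a file and a sub-directory inside the shared directory. Prints "ok"
# when both took the directory's group and the sub-directory inherited setgid.
check_inheritance() {
    want=$(path_gid "$1")
    : > "$1/report.txt"
    mkdir -p "$1/sub"
    [ "$(path_gid "$1/report.txt")" = "$want" ] || { echo "file group differs"; return 1; }
    [ "$(path_gid "$1/sub")" = "$want" ] || { echo "subdir group differs"; return 1; }
    [ -g "$1/sub" ] || { echo "subdir lacks setgid"; return 1; }
    echo ok
}

demo_dir=$(mktemp -d)/shared
make_shared_dir "$demo_dir"
echo "mode: $(dir_mode "$demo_dir")"   # leading 3 = setgid (2) + sticky (1)
check_inheritance "$demo_dir"
```

On a real system you would first create the group with groupadd and run chgrp on the directory so that it is owned by the project group rather than your primary group.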
That is all for groups and permissions that relate to collaboration.